[strongSwan] KEY_ID encoding
Tobias Brunner
tobias at strongswan.org
Mon Sep 14 10:56:07 CEST 2020
Hi Volodymyr,
> do not work - StrongSwan do not consider this connection when choosing
> between few.
Increase the log level for cfg to 3 [1] to see details about the matched
identities and read or send the log.
> What is the right way to describe id for PSK connection where remote
> part uses key-id type, e.g. on Cisco it is "crypto isakmp identity
> key-id aa"?
Don't know what Cisco will send if you do that, so no idea. You'll see
that in the log.
> And which id need to be used in 'secrets' section to achieve the result?
> Should it be
It must match the identity value and type you configure in the remote
section.
Regards,
Tobias
[1] https://wiki.strongswan.org/projects/strongswan/wiki/LoggerConfiguration
More information about the Users
mailing list